Lucene search
K

196 matches found

OSV
OSV
added 3 days ago4 views

ROOT-OS-UBUNTU-2404-CVE-2026-53140 CVE-2026-53140 in rootio-linux - Patched by Root

Root has patched CVE-2026-53140 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
OSV
OSV
added 3 days ago6 views

ROOT-OS-UBUNTU-2404-CVE-2025-21820 CVE-2025-21820 in rootio-linux - Patched by Root

Root has patched CVE-2025-21820 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS7.6AI score0.00155EPSS
Exploits0
OSV
OSV
added 6 days ago2 views

GHSA-H72H-PPCX-998P Zebra has pre-handshake buffer capacity reservation based on attacker-claimed body length

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listenaddr is set, which is the default. Summary The P2P codec's Codec::decode method calls src.reservebodylen + HEADERLEN after parsing a 24-byte protocol header,...

3.7CVSS6AI score
Exploits0References4
NVD
NVD
added 2026/06/30 5:16 p.m.9 views

CVE-2026-10653

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

8.1CVSS0.00237EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 2:52 p.m.7 views

CVE-2026-57316

Subscriber Sensitive Data Exposure in GetGenie = 4.4.2 versions...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in ffmpeg

In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...

9.8CVSS7.1AI score0.02411EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 3:27 p.m.17 views

CVE-2026-56024 WordPress WP EasyPay plugin <= 4.5.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Saad Iqbal WP EasyPay allows Cross Site Request Forgery. This issue affects WP EasyPay: from n/a through 4.5.0...

6.5CVSS0.00124EPSS
Exploits0References1
OSV
OSV
added 2026/06/18 8:52 a.m.3 views

SUSE-SU-2026:2445-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When...

9.8CVSS7AI score0.00715EPSS
Exploits3References20
EUVD
EUVD
added 2026/06/15 9:30 p.m.8 views

EUVD-2026-36971

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS5.2AI score0.00342EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-40727

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-40727 WordPress Groundhogg plugin <= 4.4 - Arbitrary File Deletion vulnerability

Sales Representative Arbitrary File Deletion in Groundhogg = 4.4 versions...

7.7CVSS5.2AI score0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.22 views

PT-2026-49241

Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.1 Description The native TCP stack contains a use-after-free flaw when iterating the global connection list in the net tcp foreach function. The issue occurs because the function releases the tcp lock while invokin...

5.3CVSS6AI score0.00274EPSS
Exploits1References4
NVD
NVD
added 2026/06/07 3:16 a.m.16 views

CVE-2026-11448

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

5.8CVSS0.01582EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.23 views

PT-2026-47169

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

5.8CVSS5.1AI score0.01582EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.20 views

PT-2026-47171

A vulnerability was detected in GL.iNet GL-MT3000 4.4.5. This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalization Handler. Performing a manipulation of the argument dev name results in command injection. It is possible to initiate the attack...

7.5CVSS7.1AI score0.01572EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.15 views

CVE-2026-7379

Memory leak in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

7.5CVSS5.4AI score0.00193EPSS
Exploits1References1
Fedora
Fedora
added 2026/06/05 4:27 a.m.12 views

[SECURITY] Fedora 44 Update: perl-Cpanel-JSON-XS-4.41-1.fc44

This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...

7.5CVSS5.8AI score0.00375EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/26 1:54 a.m.24 views

SUSE CVE-2026-7736

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

7.5CVSS6.8AI score0.00454EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/26 1:54 a.m.27 views

SUSE CVE-2026-7737

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

7.5CVSS5.6AI score0.00631EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 8:16 a.m.14 views

CVE-2026-44068

Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outside the intended metadata namespace via crafted EA names...

7.6CVSS0.00322EPSS
Exploits0References1
Rows per page
Query Builder